Vulnerability CVE-2004-1685


Published: 2004-09-15   Modified: 2012-02-12

Description:
SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Smc networks -> Smc7004vwbr 
Smc networks -> Smc7008abr 

 References:
http://secunia.com/advisories/12601
http://marc.theaimsgroup.com/?l=bugtraq&m=109526094614160&w=2
http://xforce.iss.net/xforce/xfdb/17443
http://www.securityfocus.com/bid/11197
http://www.osvdb.org/10088

Copyright 2024, cxsecurity.com

 

Back to Top